Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Linkc

| Active

Linkc is a ransomware group first observed in February 2025, operating a Tor-based data leak site and targeting US-based AI, cloud, aerospace, and manufacturing companies — including H2O.ai — demanding ransoms as high as $15 million using double-extortion tactics.

Victims
4
 
First Discovered
2025-02-19
victim
Last Discovered
2026-04-08
victim
Inactive Since
35
days
Avg Delay
48.2
days
Infostealer
25.0%
victims with domain
Countries
1
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Linkc Pub Yes 2026-05-13T23:47:03 NGINX nginx iywqjjaf2zioehzzauys3sktbcdmuzm2fsjkqsblnm7dt6axjfpoxwid.onion
Target
Top 5 Activity Sectors
  • Technology 2
  • Manufacturing 1
Top 5 Countries
  • US flag United States 4
Heatmap
Ransom Notes (1)
YARA Rules (1)
Victims (4)
Logo
Sajet Products US
Linkc
Discovered: 2026-04-08 (1mo ago)  ·  Attack est.: 2026-01-30
700mb of blueprints including Amazon LEO (satellite) Project Kuiper scheme, Airbus, Boeing engines a…
Logo
StrongLink US
Linkc
Discovered: 2026-04-08 (1mo ago)  ·  Attack est.: 2026-02-03
DOWNLOAD SAMPLE: https://amber-wooden-prawn-35.mypinata.cloud/ipfs/bafybeian2lxaye6gwvi2kztzfpyr2lok…
Logo
Network Technology Services of New Jersey US
Linkc
Discovered: 2026-04-08 (1mo ago)  ·  Attack est.: 2026-02-27
Whole datacenter is encrypted. Waiting for you in chat.…
Logo
h2o.ai US
Linkc
Discovered: 2025-02-19 (1y ago)  ·  Attack est.: 2025-01-29
As a result of our operation, we have discovered the following concerning data: 1. Unanonymized cus…